\\
About __Amazon Cognito__ : [Link|https://aws.amazon.com/cognito/]\\
\\
Create or use an existing __Amazon Cognito user pool__: [Cognito User Identity Pools Link|https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html] A Cognito User Pool provides a secure user directory to manage sign-up and sign-in functionality. You can create a new pool or select one you’ve already configured.\\
\\
Create or configure an __App Client__ for your __Cognito User Pool__: Refer to the official documentation: [Cognito App Client Settings Link|https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html]\\
An __App Client__ is required to allow applications to authenticate users via the __User Pool__. You can either create a new client or configure an existing one with the necessary settings (callback URLs, OAuth flows, scopes).\\
\\
App type : Select __Confidential client__.\\
Enable __Generate client secret__.\\
Allowed callback URLs:  https://<<your CrushFTP domain>>__/SSO_OIDC/__\\
OAuth 2.0 grant types : __Authorization code grant__\\
OpenID Connect scopes : __OpenID__\\
\\
[CrushOAuth/cognito_user_pool_app_client_1.png]\\
[Amazon Cognito Configuration/cognito_user_pool_app_client_2.png]\\
\\
Copy and securely store the __Client ID and __Client Secret__ as these will be required for the [CrushOIDC] plugin configuration.\\
__!!!Continue on:__ [CrushOIDC]\\
\\